Hi Srigo,
You the remove in the right way, nothing more you can do about it. The
problem is how the remove works and how `stir_shaken_verify()` tests for
the hdr - the two are incompatible.
So, IMHO, we should remove from the `stir_shaken_verify()` function the
check on the Identity hdr presence . I just pushed this fix on
3.4/3.5/master versions.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
https://www.opensips-solutions.com
https://www.siphub.com
On 18.06.2024 09:31, Srigo Kanapathipillai wrote:
Hi,
I'm encountering an issue with removing an Identity header in OpenSIPS
3.4. Here’s the situation:
1. An incoming call with an Identity header is received.
2. I perform a `stir_shaken_verify()` and remove the Identity header
in a request route.
3. The call is forwarded to an upstream server, but it fails.
4. In the `failure_route`, I need to forward the call to a PSTN number.
5. Before sending the call to the PSTN (in compliance with French
STIR/SHAKEN regulations), I need to sign it with my certificate.
However, when I call `stir_shaken_auth()`, I receive an error -2
indicating that the Identity header already exists. Despite running
`remove_hf(identity)` before calling this function, the header isn't
removed, and `$hdr(identity)` still returns the initial value of the
Identity header.
What is the best way to remove the existing Identity header and
re-sign the call?
Thank you,
Srigo
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
